Force logon even for domain users


I've got an IIS 5 server running. I've got things setup so that users need to logon using their domain user name and password (integrated security).

Things work fine. But when working from e.g. my local workstation, I am not prompted for a username, the server see's the way i am logged on to windows and since that account is valid, it will us that account for browsing the website.

Is there a way to force me to logon (and there by enableing me to use a different user)?

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Pete LongTechnical ConsultantCommented:
open the IIS admin console (under admin tools) or add it into a mmc console

right click default website, properties look for the security settings and untick allow anonymous login
palloquinAuthor Commented:
uh... Thank you but I had that down :)

I have disabled anonymous logins, but because I am on the same network, IIS uses (my clients) windows logon user (which is a network user).

If you disable the anonymous access and enable the Integrated Windows Authentication that even network users will be prompted for a username/password.  I have Win2kServer/IIS5 set up here at home and I just tested it.
Cloud Class® Course: CompTIA Healthcare IT Tech

This course will help prep you to earn the CompTIA Healthcare IT Technician certification showing that you have the knowledge and skills needed to succeed in installing, managing, and troubleshooting IT systems in medical and clinical settings.

have you got both plain *and* integrated enabled?

What you are asking for requires you to have basic authentication ONLY enabled.  (you will also need to check that the default domain is correct for your user accounts to authenticate).

If you use anonymous it will use the iusr account to authenticate.
If you use integrated it will use the currently logged on user to authenticate.

Ensure you ONLY have basic authentication ticked and it should always prompt for credentials allowing you to enter whichever user's credentials you wish.

Credentials will need to be entered in the format:
As what i understand from your first post, maybe you can try this. Go to your Internet Explorer (if you are using it), click Tools -> Security -> Custom Level -> Users Authentication -> ckeck the "Prompt for a username and password".

The IE by default will use your logon for any domain authentication. Therefore when you test from your computer, it will actually use your current logon as the authentication parameters.

I might wrong, please correct me if you get the Real solution. Hope this helps!

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
what if you want the opposite?  For the server to authenticate through the domain?
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft IIS Web Server

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.